<?php
/*
 * @Author: your name
 * @Date: 2020-05-22 14:27:22
 * @LastEditTime: 2020-05-25 15:09:28
 * @LastEditors: Please set LastEditors
 * @Description: In User Settings Edit
 * @FilePath: /v3/application/adminapiv3/service/hostRuleManage/HostRuleService.php
 */ 
namespace app\adminapiv3\service\hostRuleManage;

use app\adminapiv3\service\Base;
use app\adminapiv3\service\IpsRule;

class HostRuleService extends Base
{
    const STATUS_ENABLE = 1; //规则开启
    const STATUS_DISABLE = 0; //规则关闭
    const HANDLE_STOP = 0; //处理方式 禁止
    const HANDLE_ALLOW = 1; //处理方式 允许
    const HANDLE_WARRING = 2; //处理方式 警告
    /**
     * @name: 开启规则
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-22 14:28:38
     */
    function enableRule($ruleId, $hostId)
    {
        if($ruleId == 1000){
            returnErrJson($this->CODE_FAIL, '该规则为系统内置规则,无法操作该规则');
        }elseif ($ruleId > 600000000){
            $ruleInfo = db('ips_rule')->where('sid', $ruleId)
                ->where('host_id', $hostId)->find();

            if(empty($ruleInfo)){
                returnErrJson($this->CODE_FAIL, '对应规则已经删除或已被修改,无法完成此操作');
            }

            //开启
            $ipsRuleServer = new \app\common\service\IpsRule();
            $ipsRuleServer->modify(['id' => $ruleInfo['id']], ['status' => 1]);
            $ipsRuleServer->modify(['fid' => $ruleInfo['id']], ['status' => 1]);

        }else{
            $ruleInfo = db('ips_normal_rule')->where('sid', $ruleId)->find();

            if(empty($ruleInfo)){
                returnErrJson($this->CODE_FAIL, '该规则已变更,无法完成此操作');
            }

            db('host_normal_rule_relation')->where('host_id', $hostId)
                ->where('rule_id', $ruleInfo['id'])->update(['status' => 1]);
        }

    }

    /**
     * @name: 关闭规则
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-22 14:28:46
     */
    function disableRule($ruleId, $hostId)
    {
        if($ruleId == 1000){
            returnErrJson($this->CODE_FAIL, '该规则为系统内置规则,无法操作该规则');
        }elseif ($ruleId > 600000000){
            $ruleInfo = db('ips_rule')
                ->where('sid', $ruleId)
                ->where('host_id', $hostId)->find();

            if(empty($ruleInfo)){
                returnErrJson($this->CODE_FAIL, '对应规则已经删除或已被修改,无法完成此操作');
            }

            //关闭
            $ipsRuleServer = new \app\common\service\IpsRule();
            $ipsRuleServer->modify(['id' => $ruleInfo['id']], ['status' => 0]);
            $ipsRuleServer->modify(['fid' => $ruleInfo['id']], ['status' => 0]);
        }else{
            $ruleInfo = db('ips_normal_rule')->where('sid', $ruleId)->find();

            if(empty($ruleInfo)){
                returnErrJson($this->CODE_FAIL, '该规则已变更,无法完成此操作');
            }

            db('host_normal_rule_relation')
                ->where('host_id', $hostId)
                ->where('rule_id', $ruleInfo['id'])
                ->update(['status' => 0]);
        }
    }

    /**
     * @name: 添加ip到白名单
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-25 14:54:23
     */
    function addIpToWhiteList ($host_id, $ip, $attack_id)
    {
        $type = db('ips_type')->where('show_name','IP限制')->value('id');

        $addRule = [
            'name' => '设置IP白名单',
            'description' => '设置IP默认放行',
            'type' => $type,
            'content' => $ip,
            'status' => 1,
            'handle' => 1,
            'ctime' => time(),
            'execute_content' => '',
            'intranet' => 0,
            'host_id' => $host_id,
            'fid' => 0,
        ];

        $ipsRuleServer = new IpsRule();

        $ruleInfo = db('ips_rule')
            ->where('host_id', $host_id)
            ->where('content', $addRule['content'])
            ->where('type', $addRule['type'])
            ->find();

        if(!empty($ruleInfo)){//若有的情况,则删除
            db('ips_rule')->where('id', $ruleInfo['id'])->delete();
        }

        //添加规则sid
        $newId = db('ips_rule')->insertGetId($addRule);
        $sid = $ipsRuleServer->createSid($newId);

        $updateData = [
            'execute_content' => $ipsRuleServer->encryptRule($sid, $addRule),
            'sid' => $sid
        ];

        //修改
        db('ips_rule')->where('id', $newId)->update($updateData);

        db('NetworkAttack')->where('src_ip', $ip)->update(['allow_ip_rule_id' => $newId]);

        return $newId;
    }

    /**
     * @name: 清空ip到白名单
     * @Param:
     * @Description:
     * @Author: foo
     * @Date: 2020-05-25 14:54:23
     */
    function clearIpToWhiteList ($host_id, $ip, $attack_id)
    {
        //删除规则
        $attackInfo = db('NetworkAttack')->where('id', $attack_id)->find();

        if(empty($attackInfo)){
            $this->setError($this->CODE_FAIL, '未查询到该日志');
            return false;
        }

        //删除自定义规则
        db('ips_rule')->where('id', $attackInfo['allow_ip_rule_id'])->delete();

        //修改
        db('NetworkAttack')->where('src_ip', $ip)->update(['allow_ip_rule_id' => 0]);

        return true;
    }
}